Self Destructing Messages

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

I recently ran across several mentions of services that are offering the ability to send emails that self destruct after they’re read.

The way it works is you use a provider’s service to send your message. The recipient gets an email telling them that they have an email from you and a url where they can read it. When they read the message it gets deleted from the server and cannot be read again.

I think there’s problems with this kind of messaging though. First off, When I get a message telling me to visit a website to get the message I treat it as spam unless it’s a notification from a forum that I’m a member of. Second off, the message might be self destructing, but if I know that’s what I’m picking up, I’m going to take a screenshot and hit “view source” on my browser the second the page is done loading so that I’ll have a copy of it anyway.

I think that it’s better all the way around to use a few simple rules when sending messages.

Remember that standard email is sent in plain text, un-encrypted and can be read by any number of people with very little trouble at all. Just because you sent it to one person, does not mean it won’t show up on a dozen blogs next week or be forwarded to a few hundred people.

If you don’t want it to be read by just anyone, the the recipient’s PGP public key and encrypt it to that key. If they don’t have PGP (or GnuPG which is 100% free) then encourage them to get it.

Even if you sent a message encrypted, remember that the person who received it could still spread it around (accidentally or deliberately).

Never say anything in an email that you wouldn’t want the world to know unless you REALLY trust the recipient and then use GPG / PGP to encrypt it and keep it away from third parties.

2 Comments

There is a legal issue behind those “Self Destructing” emails. First the message was not sent as an email but placed on a server. This way you can legally erase the message from your server without taking any backup. In contrast, US communication provider have to keep log files about sent email.

I knew that the Bush administration has been making noises about data retention but I didn’t know that retaining sent email log files had yet been enacted. Can you (or anyone who knows) give links to the legislation or executive orders involved?